Challenge Like so many other enterprises, one particular healthcare com- pany was having trouble meeting all the varied requirements for certification under the standard known as SOC2. The SOC2 standard focuses on non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy. These standards also apply to the systems that touch the data. SOC2 reporting requirements include the proper monitoring of log-on attempts, password changes, and user access violations. Given this system’s size and growth — it manages a portfolio of diverse health-related businesses serving 50 million people — that’s a lot of records to access and analyze. To process all the relevant SMF security records generated each day by its three IBM

Join for free to read